Add Voice Biometrics to Mobile Apps

Add Voice Biometrics to Your Mobile App

Thanks to technology implementations by Google and Apple, mobile app developers have more options than ever to improve security through the use of biometrics and certificates on mobile devices. But as an app developer, don't you want control over the security mechanism without having to rely on the capabilities of the device, the device vendor, or the device operating system? How can you implement voice biometrics security without depending on Google or Apple?

One simple way to deliver a "mobile" voice biometric solution is to use the mobile device to make or receive a phone call, as we describe in our Multi-Factor Authentication and Voice Biometrics page. Phone calls work on all phones, whether smartphone or older non-smartphones. But, using a telephone carrier requires an extra step outside of your mobile app, and leaving your app is often undesirable. And what about tablets and other devices that may be using Wi-Fi but are unable to send and receive phone calls?

There is good news however: you can leverage our RESTful API and the VBG Platform! In this scenario, you simply use the native audio capture capability in the mobile device to record a speech sample from the user, which is then sent to the VBG Platform using either Wi-Fi or the data network (no telephone carrier network needed). If you are not already familiar with how audio capture fits into a voice biometrics solution, check out our Considering Voice Biometrics? page. If you understand the basics of building a voice biometric application, and are now ready to start using our platform, then check out our Are You a Developer? page. It explains the logic flow of a voice biometrics application regardless of the communication channel.

Mobile App Architecture For Voice Biometrics

One of the first questions that comes up regarding voice biometrics on mobile devices is: does the voice biometric engine and voiceprint need to be stored on the device? There are differing philosophies regarding the best architecture, but VBG believes the voice biometric engine and voiceprint should NOT be placed on the device. Today, smartphones, cell phones, and other mobile devices are specifically designed to be connected to a network somehow, and we believe it is makes sense to leverage the network. Rationale for this belief appears below.

If the mobile device is connected to a network, embedding the engine is definitely not required. As is done with Siri and Ok, Google, it is very easy to design your application to record speech samples on the mobile device and send them over the data channel to our voice biometrics engine. You do this directly from your app by enabling the microphone, prompting the user appropriately, having the repeat the prompt, and then submitting the speech sample to the engine. It only takes a few seconds, and the voice snippet is typically only 20 to 75 kbytes, a relatively small amount of data. The engine then gives your application a response back that leads to a next step, usually either enabling access or blocking access. The benefits of a service-oriented approach are numerous:

Development is easier and deployment is quicker when leveraging cloud resources

On-going maintenance and support are greatly simplified too

The voice biometric engine code is not exposed to hacking and reverse engineering

Individual voiceprints (PII) are not exposed to hacking and pirating

The performance of the engine is not limited to resources on the device

Major enhancements to the engine are centralized and do not require upgrading the mobile application

If you can develop and deploy code on the mobile device, and you have access to our RESTful APIs, you can build a total solution in several ways. For example, we built an Android mobile app using a simple web-style form and PhoneGap that mimics our visual web demo. Our mobile demo app communicates directly to our servers through the data network (no carrier needed). The Customer ID and API Access Key are pre-loaded in the mobile app but are configurable. The app enables you to enroll and verify using either RandomPIN™ or a Static Passphrase. The demo app also offers a few option settings, such as enabling the ability to auto-submit audio at the end of a recording or only when you tap the submit button. Our demo app is simple, functional and operates entirely standalone. The screenshots below give you an idea of what happens in the mobile app.

Get Started Quickly

To prove to yourself that voice biometrics will work on a mobile application, contact VBG and request a trial of our VBG Enterprise™ system. Once we exchange a mutual NDA, we'll send you our demo APK (Android only for now) that runs stand-alone against an internal account in our system. We'll then set you up with your own account, so you can build your own mobile app with a secure account specific to you.

For U.S. based companies, and in certain circumstances, it may be also be possible for us to release our Android source code to you -- to help further expediate development.